<!DOCTYPE html>
<html>
<head>
<title>Geolocation On An Secure Origin Embedded in a Secure Origin</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js"></script>
</head>
<body>
</body>
<script>
    var num_received = 0;
    if (window.testRunner)
        testRunner.overridePreference(
            "WebKitStrictPowerfulFeatureRestrictions", true);

    async_test(function () {
        window.addEventListener("message", this.step_func(function (event) {
            assert_equals(event.data.success, true);
            num_received++;
            if (num_received == 5)
                this.done();
        }));

        var iframe = document.createElement("iframe");
        iframe.src = "/security/powerfulFeatureRestrictions/resources/" +
                     "geolocation.html";
        document.body.appendChild(iframe);

        // A srcdoc should be skipped in the ancestor check.
        var iframe = document.createElement("iframe");
        iframe.srcdoc = "<script>" +
                        "window.addEventListener('message', function (evt) {" +
                        "window.parent.postMessage(evt.data, '*'); });" +
                        "</sc" + "ript>" +
                        "<iframe src='" + get_host_info().HTTP_ORIGIN +
                        "/security/powerfulFeatureRestrictions/resources/" +
                        "geolocation.html' allow='geolocation *;'>" +
                        "</iframe>";
        document.body.appendChild(iframe);

        // A sandboxed iframe should use the frame's URL as the origin to check.
        var iframe = document.createElement("iframe");
        iframe.sandbox = "allow-scripts allow-same-origin";
        iframe.src = "/security/powerfulFeatureRestrictions/resources/" +
                     "geolocation.html";
        iframe.allow = 'geolocation *;';
        document.body.appendChild(iframe);

        // Insecure origin frames sandboxed secure origin frames secure
        // origin.
        var iframe = document.createElement("iframe");
        iframe.sandbox = "allow-scripts allow-same-origin";
        iframe.src = get_host_info().HTTP_ORIGIN +
                     "/security/powerfulFeatureRestrictions/resources/" +
                     "geolocation-in-iframe.html";
        iframe.allow = 'geolocation *;';
        document.body.appendChild(iframe);

        // Regression test for crbug.com/478784
        var iframe = document.createElement("iframe");
        iframe.srcdoc =
            "<script>" +
            "window.addEventListener('message', function (evt) {" +
            "window.parent.postMessage(evt.data, '*'); });" +
            "</sc" + "ript>" +
            "<iframe sandbox='allow-scripts allow-same-origin' src='" +
            get_host_info().HTTP_ORIGIN +
            "/security/powerfulFeatureRestrictions/resources/" +
            "geolocation.html' allow='geolocation *;'>" +
            "</iframe>";
        document.body.appendChild(iframe);

    }, 'getCurrentPosition in iframe');
</script>
</html>
